Medium severity5.3NVD Advisory· Published Dec 13, 2021· Updated Jun 17, 2026
CVE-2021-44848
CVE-2021-44848
Description
In Cibele Thinfinity VirtualUI before 3.0, /changePassword returns different responses for invalid authentication requests depending on whether the username exists.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Thinfinity/VirtualUIdescription
- Range: <3.0
Patches
Vulnerability mechanics
References
2- packetstormsecurity.com/files/165327/Cibele-Thinfinity-VirtualUI-2.5.41.0-User-Enumeration.htmlnvdExploitThird Party AdvisoryVDB Entry
- github.com/cybelesoft/virtualui/issues/1nvdIssue TrackingThird Party Advisory
News mentions
0No linked articles in our index yet.